67d2c9c857b07e0d8e2f056a8393221d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

67d2c9c857b07e0d8e2f056a8393221d_JaffaCakes118
Size

348KB
MD5

67d2c9c857b07e0d8e2f056a8393221d
SHA1

aa696b1e55029c44c2f11c43a171f2197d45c3a8
SHA256

09e877a4ed762c6619a2b4c7230a20ba58e3d786c1bef847be875fd59327dae7
SHA512

b93181f5be983ab6c1dc9fd05a1cfb565ce6c1deab12851091bbb9fc598238cb7cda75db8c7d4bf8f376a3b56d5afeb3c9874b2c2a95c145d5e888ccd9493cbf
SSDEEP

6144:a3XO66X3kBqBovhCFxCjU3Efphdi1fE8BKmXIHot/49KQMnNr1SwaZgdP/kzY:a34UBRJ6SU0xho1fEA9IIt4EBNMZCE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67d2c9c857b07e0d8e2f056a8393221d_JaffaCakes118

Files

67d2c9c857b07e0d8e2f056a8393221d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b29cc2b7e61a26603a9eb978c094fa72

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTime
lstrlenW
lstrcpyW
lstrcatW
GetLocaleInfoW
GetUserDefaultLCID
WritePrivateProfileStringW
LocalAlloc
GetPrivateProfileStringW
GetPrivateProfileIntW
HeapSize
LCMapStringW
LCMapStringA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
GetLocaleInfoA
HeapReAlloc
InitializeCriticalSectionAndSpinCount
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapAlloc
EnterCriticalSection
GetLocalTime
LeaveCriticalSection
IsDebuggerPresent
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
HeapFree
HeapCreate
DeleteCriticalSection
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
Sleep
SetUnhandledExceptionFilter
InterlockedDecrement
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleW
VirtualQuery
GetStartupInfoA
GetCommandLineA
RtlUnwind
RaiseException
MulDiv
WideCharToMultiByte
VirtualFree
ResumeThread
TerminateProcess
GlobalFree
GetThreadContext
VirtualQueryEx
LoadLibraryA
FreeLibrary
GlobalAlloc
VirtualAlloc
ExitProcess
FindAtomA
GetTempPathA
lstrcmpA
GetTempFileNameA
CreateFileA
WriteFile
GetCurrentProcess
CreateProcessA
WaitForSingleObject
lstrlenA
CloseHandle
GetCurrentThreadId
GetModuleHandleA
QueryPerformanceCounter
GetLastError
OpenProcess
GetProcAddress
lstrcatA
lstrcpyA

user32

LoadStringW
CreateWindowExW
AppendMenuW
GetMessageW
TranslateMessage
DispatchMessageW
RegisterClassW
GetAsyncKeyState
DefWindowProcW
UpdateWindow
LoadIconW
SetCapture
PostQuitMessage
InvalidateRect
BeginPaint
EndPaint
GetMenu
CheckMenuItem
EnableMenuItem
GetDialogBaseUnits
ReleaseCapture
IsIconic
PostMessageW
GetSystemMenu
SetRect
GetWindowLongW
SetWindowRgn
SetWindowLongW
SetWindowPos
ShowWindow
IsZoomed
SetCursor
GetSystemMetrics
GetClientRect
FillRect
OffsetRect
KillTimer
SetTimer
GetDC
ReleaseDC
GetSysColor
LoadCursorW
SetWindowTextW
wsprintfW
IsWindowVisible
GetCursorPos
ClientToScreen
EqualRect
OpenInputDesktop
GetThreadDesktop
SetThreadDesktop
InflateRect
GetFocus
wsprintfA
FindWindowA
GetWindowThreadProcessId
GetWindowRect
CloseDesktop
MessageBoxW

shell32

ShellAboutW

shlwapi

SHGetValueA

advapi32

CreateProcessAsUserA

gdi32

DeleteObject
CreateFontIndirectW
GetTextExtentPointW
GetTextExtentExPointW
CreateDiscardableBitmap
SetTextColor
ExtTextOutW
SetBkMode
BitBlt
Rectangle
LineTo
CreateEllipticRgn
SetROP2
SelectObject
GetStockObject
Polygon
GetDeviceCaps
CreateSolidBrush
CreatePen
MoveToEx
GetBkMode
GetBkColor
DeleteDC
CreateCompatibleDC
GetNearestColor
PatBlt
SetBkColor
SetTextAlign

comdlg32

ChooseFontW

Sections

.text
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 270KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b29cc2b7e61a26603a9eb978c094fa72

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

shlwapi

advapi32

gdi32

comdlg32

Sections

.text Size: 59KB - Virtual size: 58KB

.rdata Size: 14KB - Virtual size: 13KB

.data Size: 270KB - Virtual size: 274KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 59KB - Virtual size: 58KB

.rdata
Size: 14KB - Virtual size: 13KB

.data
Size: 270KB - Virtual size: 274KB

.rsrc
Size: 4KB - Virtual size: 3KB